cifs.upcall does not use the kerberos default credential cache file, so many features fail
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cifs-utils (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
cifs.upcall does not use the default kerberos credential cache file name. Attempting to make smb3 mounts in /etc/fstab with username=
...krb5_
This can be worked-around by adding:
[libdefaults]
# Use the same cache path as cifs.upcall
# Supposedly the value we set is the default, but there seems to be
# an additional underscore and then a 4 character hash unless
# this is set. The result, unless we set this param, is that
# cifs.upcall cannot get the kerberos ticket-
# This is only visible in the journalctrl logs.
default_
to /etc/krb5.conf. I believe a reboot is required.
This is with user accounts authenticated against MS Active Directory. (Which
uses kerberos).
Without the workaround the user accounts do not authenticate, so per-user mounts are not possible.
See also Ubuntu bug #2012140
https:/
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: cifs-utils 2:6.14-1ubuntu0.1
ProcVersionSign
Uname: Linux 5.15.0-67-generic x86_64
ApportVersion: 2.20.11-0ubuntu82.3
Architecture: amd64
CasperMD5CheckR
Date: Sat Mar 18 17:43:19 2023
InstallationDate: Installed on 2023-03-09 (9 days ago)
InstallationMedia: Ubuntu-Server 22.04.2 LTS "Jammy Jellyfish" - Release amd64 (20230217.1)
ProcEnviron:
SHELL=/bin/bash
LANG=en_US.UTF-8
TERM=xterm-
PATH=(custom, no user)
SourcePackage: cifs-utils
UpgradeStatus: No upgrade log present (probably fresh install)
See also: bug #2012145 bug #2012147